Uploaded image for project: 'Opencast'
  1. MH-12974

Access denial to event for unprivileged user

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed and reviewed
    • Affects versions: 5.1
    • Fix versions: None
    • Components: Backend Software
    • Labels:
      None
    • Severity:
      Incorrectly Functioning Without Workaround
    • Steps to reproduce:
      Hide
      Due to the incorrect usage of ``getAcl()``, unprivileged users may not
      have access to events despite the ACL explicitly allowing them access.
      Instead, `getActiveAcl()` should be used to evaluate the correct access
      permissions for a given event.

      Note that there are further, less critical issues with `getAcl()` as
      mentioned on list [1] which will be dealt with separately with a patch
      against `r/6.x`.

      [1] https://groups.google.com/a/opencast.org/forum/#!topic/dev/CqGR1K3LNXE
      Show
      Due to the incorrect usage of ``getAcl()``, unprivileged users may not have access to events despite the ACL explicitly allowing them access. Instead, `getActiveAcl()` should be used to evaluate the correct access permissions for a given event. Note that there are further, less critical issues with `getAcl()` as mentioned on list [1] which will be dealt with separately with a patch against `r/6.x`. [1] https://groups.google.com/a/opencast.org/forum/#!topic/dev/CqGR1K3LNXE

      TestRail: Results

        Attachments

          Activity

            People

            • Assignee:
              lkiesow Lars Kiesow
              Reporter:
              lkiesow Lars Kiesow
            • Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                TestRail: Cases